StrasnoUsporenWin...

1

StrasnoUsporenWin...

offline
  • Pridružio: 27 Nov 2006
  • Poruke: 129
  • Gde živiš: Zrenjanin

U posledjih par dana mi se desava da mi Win abnormalno uspori...Znaci kao da mi se memorija sa 512mb spustila na 128 ili procesor 2.0 na 500Mhz...Zasto,neam pojma...Redovno skeniram i optimizujem komp(tuneup utilities 2007),ne preterano ali eto...Imam instaliran Avast Home 4.7,ZA security 7(antivirus je disableovan,a spyware radi i naravno firewall)...Ni jedan ni drugi ne detektuju nista na kompu,a Adaware Se Pro je naso jedno 7 Data Minera(ne znam koliko je to bitno ali treat level je na 3)...Posto sam vec imao problem tipa sa zatvaranjem prozora u win da li da odradim onu shemu sa vundo fix i avengerom...Za svaki slucaj evo ga log fajl pa bih vas zamolio da pogledate...

Log:


Logfile of HijackThis v1.99.1
Scan saved at 23:25:36, on 3.6.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\NetLimiter 2 Monitor\NLClient.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\UnInstaller Suite\UIWatcher.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSI\Common\RaUI.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Opera\Opera.exe
C:\DOCUME~1\-Mario-\LOCALS~1\Temp\Rar$EX53.765\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.bearshare.com/intl/
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s
O4 - HKCU\..\Run: [UIWatcher] C:\PROGRA~1\Ashampoo\ASHAMP~1\UnInstaller Suite\UIWatcher.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download using LeechGet - file://C:\Program Files\LeechGet 2006\\AddUrl.html
O8 - Extra context menu item: Download using LeechGet Wizard - file://C:\Program Files\LeechGet 2006\\Wizard.html
O8 - Extra context menu item: Iz&vezi u Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Parse with LeechGet - file://C:\Program Files\LeechGet 2006\\Parser.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe
O9 - Extra button: Istraživanje - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\-Mario-\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Broken Internet access because of LSP provider 'prxerdrv.dll' missing
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F}: NameServer = 195.252.109.4 194.106.163.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F}: NameServer = 195.252.109.4 194.106.163.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

offline
  • DEMIAN  Male
  • Legendarni građanin
  • IT Manager
  • Pridružio: 25 Mar 2005
  • Poruke: 3706
  • Gde živiš: The darkest place on earth..

Da li si koristio program Proxifier možda ?

U sledećem postu pored odgovora na ovo pitanje, postavi nov HJT log. Ovoga puta nemoj da ga startuješ iz arhive (rar) već iz posebnog foldera. Obavezno promeni ime programa (fajl HijackThis.exe) u nešto što ne asocira na njega..

offline
  • Pridružio: 27 Nov 2006
  • Poruke: 129
  • Gde živiš: Zrenjanin

Proklet da je!Jesam...citao sam nesto po forumima da se moze zavarati rapidshare,pa sam skinuo taj Proxifier...Pa me smorilo i batalio sam...I,kontam cekacu 2h na sledeci fajl...heh!Zasto??

log fajl:


Logfile of HijackThis v1.99.1
Scan saved at 15:03:43, on 4.6.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\UnInstaller Suite\UIWatcher.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\MSI\Common\RaUI.exe
C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Opera\Opera.exe
c:\docume~1\-mario-\applic~1\acid64~1\Roam Option Audio.exe
C:\Documents and Settings\-Mario-\Desktop\t3.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.bearshare.com/intl/
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s
O4 - HKCU\..\Run: [UIWatcher] C:\PROGRA~1\Ashampoo\ASHAMP~1\UnInstaller Suite\UIWatcher.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download using LeechGet - file://C:\Program Files\LeechGet 2006\\AddUrl.html
O8 - Extra context menu item: Download using LeechGet Wizard - file://C:\Program Files\LeechGet 2006\\Wizard.html
O8 - Extra context menu item: Iz&vezi u Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Parse with LeechGet - file://C:\Program Files\LeechGet 2006\\Parser.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe
O9 - Extra button: Istraživanje - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\-Mario-\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Broken Internet access because of LSP provider 'prxerdrv.dll' missing
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F}: NameServer = 195.252.109.4 194.106.163.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F}: NameServer = 195.252.109.4 194.106.163.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

offline
  • DEMIAN  Male
  • Legendarni građanin
  • IT Manager
  • Pridružio: 25 Mar 2005
  • Poruke: 3706
  • Gde živiš: The darkest place on earth..

Sam program Proxifier je prema mojim saznanjima legitiman - znači nemaš šta da se cimaš oko toga. Za njegovo korišćenje sam te pitao zbog toga što u prvom logu nije postojalo ništa što bi ukazivalo na neki malware.

Mogući problem koji sam uočio se tiče 010 linija tj. tiče se internet konekcije i Winsock LSP-a. Prema bazama kojima se služimo za proveru, fajlovi "prxernsp.dll" i "prxerdrv.dll" nisu maliciozni i pripadaju programu Proxifier ali je moguće (u tvojoj situaciji) da mogu stvoriti probleme tipa usporen net ili gubitak protoka..

Ovo se ne briše preko programa HijackThis već se za to koristi program LSP-Fix Ovo su ti smernice samo. Znači - ako nemaš problema sa vezom ne moraš da iskoristiš ovaj alat koji sam ti linkovao.

Dalje.. Nov log i novi rebus.
Šta ti je "c:\documents and settings\-mario-\application data\acid64~1\Roam Option Audio.exe" ?

Moja provera kaže da je maliciozno, ako nisi siguran o čemu se zaista radi uploaduj mi to preko ovog linka:
http://www.mycity.rs/ambulanta-upload.php
-------------------------------------

Kada ovo odradiš (za svaki slučaj) prekeniraj komp sa GMER-om i postavi log da proverimo da nema nekih rootkitova...

Uradi sledeće:
Preuzmi fajl gmer.zip sa ovog linka i sačuvaj na Desktop-u.
Raspakuj ga u neki folder.

Dupli klik na gmer.exe za početak: Izaberi Rootkit Tab na vrhu.
Klikni na Scan.
Kada je skeniranje završeno, klik na Copy dugme ispod - ovo će sačuvati to u Clipboard.
U polju za pisanje poruke na forumu klikni desno dugme misa i odaberi opciju Paste.

offline
  • Pridružio: 27 Nov 2006
  • Poruke: 129
  • Gde živiš: Zrenjanin

Pa imam problema sa Netom kada se odjednom zapuca,dobro mislim logicno onda je i browser zapucan,a protok fura normalno...Jos jedna stvar meni komp sasvim normalno radi posle svezeg restarta,ipak sam odradio i LSP-fix...
Bas cudno taj roam option audio mi se nalazi i u processes u task menageru...hm...
Ne znam sta je to...ili je ostalo od neuspesne instalacije ejay6,ili mi je ostalo od acida,u svakom slucaju mislim da mi to ne treba...stavio sam ga na upload...

log fajl:

Logfile of HijackThis v1.99.1
Scan saved at 16:31:19, on 4.6.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\UnInstaller Suite\UIWatcher.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSI\Common\RaUI.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NetLimiter 2 Monitor\NLClient.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\-Mario-\Desktop\t3.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.bearshare.com/intl/
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s
O4 - HKCU\..\Run: [UIWatcher] C:\PROGRA~1\Ashampoo\ASHAMP~1\UnInstaller Suite\UIWatcher.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Rapidown.lnk = C:\Program Files\Rapidown\rapidown.exe
O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download using LeechGet - file://C:\Program Files\LeechGet 2006\\AddUrl.html
O8 - Extra context menu item: Download using LeechGet Wizard - file://C:\Program Files\LeechGet 2006\\Wizard.html
O8 - Extra context menu item: Iz&vezi u Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Parse with LeechGet - file://C:\Program Files\LeechGet 2006\\Parser.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe
O9 - Extra button: Istraživanje - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\-Mario-\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F}: NameServer = 195.252.109.4 194.106.163.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F}: NameServer = 195.252.109.4 194.106.163.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Dopuna: 04 Jun 2007 16:31

Samo da dodam tu ima jos fajlova u tom acid folderu a to su:
bolt third rdr.exe
date slow rule wipe.exe
weklaznc.exe
i naravno roam option audio.exe

offline
  • DEMIAN  Male
  • Legendarni građanin
  • IT Manager
  • Pridružio: 25 Mar 2005
  • Poruke: 3706
  • Gde živiš: The darkest place on earth..

Sve uploaduj slobodno.

btw. Šta bi sa gmer-om ?

offline
  • Pridružio: 27 Nov 2006
  • Poruke: 129
  • Gde živiš: Zrenjanin

Evo uploadovao sam preostala tri fajla...
Malo je duze skenirao pa sam ga ostavio...

gmer:

GMER 1.0.12.12244 - gmer.net
Rootkit scan 2007-06-04 16:47:34
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.12 ----

SSDT \SystemRoot\System32\vsdatant.sys ZwConnectPort
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateFile
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateKey
SSDT \SystemRoot\System32\vsdatant.sys ZwCreatePort
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcess
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcessEx
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateSection
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateWaitablePort
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteFile
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteKey
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteValueKey
SSDT \SystemRoot\System32\vsdatant.sys ZwDuplicateObject
SSDT sptd.sys ZwEnumerateKey
SSDT sptd.sys ZwEnumerateValueKey
SSDT \SystemRoot\System32\vsdatant.sys ZwLoadDriver
SSDT \SystemRoot\System32\vsdatant.sys ZwLoadKey
SSDT \SystemRoot\System32\vsdatant.sys ZwMapViewOfSection
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenFile
SSDT sptd.sys ZwOpenKey
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenProcess
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenThread
SSDT sptd.sys ZwQueryKey
SSDT sptd.sys ZwQueryValueKey
SSDT \SystemRoot\System32\vsdatant.sys ZwReplaceKey
SSDT \SystemRoot\System32\vsdatant.sys ZwRequestWaitReplyPort
SSDT \SystemRoot\System32\vsdatant.sys ZwRestoreKey
SSDT \SystemRoot\System32\vsdatant.sys ZwSecureConnectPort
SSDT \SystemRoot\System32\vsdatant.sys ZwSetInformationFile
SSDT \SystemRoot\System32\vsdatant.sys ZwSetSystemInformation
SSDT \SystemRoot\System32\vsdatant.sys ZwSetValueKey
SSDT \SystemRoot\System32\vsdatant.sys ZwTerminateProcess
SSDT \SystemRoot\System32\vsdatant.sys ZwUnloadDriver

INT 0x20 srescan.sys F8267990

---- Kernel code sections - GMER 1.0.12 ----

.text TUKERNEL.EXE!_abnormal_termination + 107 804E2DD8 12 Bytes [ E0, A1, F5, F4, 70, 04, F6, ... ]
? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
? C:\WINDOWS\System32\Drivers\SPTD5853.SYS The process cannot access the file because it is being used by another process.
? srescan.sys The system cannot find the file specified.
? C:\WINDOWS\System32\Drivers\dtscsi.sys The process cannot access the file because it is being used by another process.
? C:\WINDOWS\system32\DRIVERS\update.sys
.text TUKERNEL.EXE!_abnormal_termination + 107 804E2DD8 12 Bytes [ E0, A1, F5, F4, 70, 04, F6, ... ]

---- User code sections - GMER 1.0.12 ----

.text C:\Documents and Settings\-Mario-\Desktop\neki folder\gmer.exe[504] USER32.dll!GetCursor 77D4CECD 5 Bytes JMP 00C91080
.text C:\Documents and Settings\-Mario-\Desktop\neki folder\gmer.exe[504] USER32.dll!GetIconInfo 77D4E9A1 5 Bytes JMP 00C91030
.text C:\Documents and Settings\-Mario-\Desktop\neki folder\gmer.exe[504] USER32.dll!DrawIconEx 77D4F38A 5 Bytes JMP 00C91120
.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1136] ntdll.dll!KiFastSystemCall + 2 7C90EB8D 2 Bytes [ CD, 20 ]
.text C:\WINDOWS\explorer.exe[1496] USER32.dll!GetCursor 77D4CECD 5 Bytes JMP 10001080 C:\Program Files\CursorXP\CurXP0.dll
.text C:\WINDOWS\explorer.exe[1496] USER32.dll!GetIconInfo 77D4E9A1 5 Bytes JMP 10001030 C:\Program Files\CursorXP\CurXP0.dll
.text C:\WINDOWS\explorer.exe[1496] USER32.dll!DrawIconEx 77D4F38A 5 Bytes JMP 10001120 C:\Program Files\CursorXP\CurXP0.dll
.text C:\Program Files\MSI\Common\RaUI.exe[1828] USER32.dll!GetCursor 77D4CECD 5 Bytes JMP 01251080 C:\Program Files\CursorXP\CurXP0.dll
.text C:\Program Files\MSI\Common\RaUI.exe[1828] USER32.dll!GetIconInfo 77D4E9A1 5 Bytes JMP 01251030 C:\Program Files\CursorXP\CurXP0.dll
.text C:\Program Files\MSI\Common\RaUI.exe[1828] USER32.dll!DrawIconEx 77D4F38A 5 Bytes JMP 01251120 C:\Program Files\CursorXP\CurXP0.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] kernel32.dll!LoadLibraryA 7C801D77 6 Bytes JMP 5F250F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] kernel32.dll!LoadResource 7C80A065 6 Bytes JMP 5F1C0F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] kernel32.dll!FindResourceExW 7C80AB10 7 Bytes JMP 27001AD0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] kernel32.dll!GetProcAddress 7C80AC28 6 Bytes JMP 5F1F0F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] kernel32.dll!LoadLibraryW 7C80ACD3 6 Bytes JMP 5F220F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] kernel32.dll!FindResourceW 7C80BA56 6 Bytes JMP 5F160F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] kernel32.dll!SizeofResource 7C80BAF1 6 Bytes JMP 5F190F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] kernel32.dll!LockResource 7C80C6CF 2 Bytes JMP 27001CC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] kernel32.dll!LockResource + 3 7C80C6D2 2 Bytes [ 7F, AA ]
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] kernel32.dll!SetUnhandledExceptionFilter 7C810386 5 Bytes JMP 004DE392 C:\Program Files\MSN Messenger\msnmsgr.exe
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] kernel32.dll!CreateEventA 7C81E4BD 5 Bytes JMP 27001830 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] ADVAPI32.dll!RegQueryValueExA 77DD7883 6 Bytes JMP 5F040F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] ADVAPI32.dll!CryptDeriveKey 77DEA685 7 Bytes JMP 27001000 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] ADVAPI32.dll!CryptDecrypt 77DEA7B1 2 Bytes JMP 27001050 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] ADVAPI32.dll!CryptDecrypt + 3 77DEA7B4 4 Bytes [ 21, AF, CC, CC ]
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] USER32.dll!DispatchMessageW 77D489D9 6 Bytes JMP 5F130F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] USER32.dll!PeekMessageW 77D49278 5 Bytes JMP 27003AA0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] USER32.dll!GetCursor 77D4CECD 5 Bytes JMP 03C81080 C:\Program Files\CursorXP\CurXP0.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] USER32.dll!SetWindowLongW 77D4DEF1 6 Bytes JMP 5F0D0F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] USER32.dll!DestroyWindow 77D4E666 3 Bytes [ FF, 25, 1E ]
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] USER32.dll!DestroyWindow + 4 77D4E66A 2 Bytes [ 11, 5F ]
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] USER32.dll!GetIconInfo 77D4E9A1 5 Bytes JMP 03C81030 C:\Program Files\CursorXP\CurXP0.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] USER32.dll!DrawIconEx 77D4F38A 5 Bytes JMP 03C81120 C:\Program Files\CursorXP\CurXP0.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] USER32.dll!CreateWindowExW 77D51AD5 6 Bytes JMP 5F0A0F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] USER32.dll!SetWindowRgn 77D51DE0 7 Bytes JMP 27004DF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] USER32.dll!CreateDialogParamW 77D6629F 5 Bytes JMP 27004E90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] USER32.dll!SetWindowPlacement 77D6FBEA 1 Byte [ E9 ]
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] USER32.dll!SetWindowPlacement + 2 77D6FBEC 3 Bytes [ 51, 29, AF ]
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] USER32.dll!MessageBoxIndirectW 77D960B7 5 Bytes JMP 27004FF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] USER32.dll!TrackPopupMenuEx 77D9CAFE 5 Bytes JMP 27004270 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] WS2_32.dll!send 71AB428A 5 Bytes JMP 27009030 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] WS2_32.dll!WSARecv 71AB4318 5 Bytes JMP 27008E20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] WS2_32.dll!recv 71AB615A 5 Bytes JMP 27008C90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] WS2_32.dll!WSASend 71AB6233 5 Bytes JMP 270091B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] WS2_32.dll!closesocket 71AB9639 5 Bytes JMP 270093C0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] SHELL32.dll!Shell_NotifyIconW 7CA37CE1 5 Bytes JMP 27002B90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] ole32.dll!CoInitializeEx 774F42F3 5 Bytes JMP 27001D20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] ole32.dll!CoRegisterClassObject 77541BFC 5 Bytes JMP 27001E20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] WININET.dll!GetUrlCacheEntryInfoExW 771B83C4 6 Bytes JMP 5F340F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] WININET.dll!HttpOpenRequestA 771C4AC5 6 Bytes JMP 5F280F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] WININET.dll!InternetCloseHandle 771C61DC 6 Bytes JMP 5F310F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] WININET.dll!HttpSendRequestA 771C76B8 5 Bytes JMP 27007E50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] WININET.dll!HttpQueryInfoA 771C8C6A 6 Bytes JMP 5F2B0F5A
.text C:\Program Files\MSN Messenger\msnmsgr.exe[1972] WININET.dll!InternetReadFile 771C9555 6 Bytes JMP 5F2E0F5A
.text C:\Program Files\Opera\Opera.exe[2656] user32.dll!GetCursor 77D4CECD 5 Bytes JMP 02481080 C:\Program Files\CursorXP\CurXP0.dll
.text C:\Program Files\Opera\Opera.exe[2656] user32.dll!GetIconInfo 77D4E9A1 5 Bytes JMP 02481030 C:\Program Files\CursorXP\CurXP0.dll
.text C:\Program Files\Opera\Opera.exe[2656] user32.dll!DrawIconEx 77D4F38A 5 Bytes JMP 02481120 C:\Program Files\CursorXP\CurXP0.dll
.text C:\Program Files\DAP\DAP.exe[3412] USER32.dll!GetCursor 77D4CECD 5 Bytes JMP 059D1080 C:\Program Files\CursorXP\CurXP0.dll
.text C:\Program Files\DAP\DAP.exe[3412] USER32.dll!GetIconInfo 77D4E9A1 5 Bytes JMP 059D1030 C:\Program Files\CursorXP\CurXP0.dll
.text C:\Program Files\DAP\DAP.exe[3412] USER32.dll!DrawIconEx 77D4F38A 5 Bytes JMP 059D1120 C:\Program Files\CursorXP\CurXP0.dll

---- Devices - GMER 1.0.12 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 82395BF8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 82395BF8
Device \Driver\NetBT \Device\NetBT_Tcpip_{E8B5E288-3686-407D-80D3-BE7C8460FC17} IRP_MJ_CREATE 81F4D2E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{E8B5E288-3686-407D-80D3-BE7C8460FC17} IRP_MJ_CLOSE 81F4D2E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{E8B5E288-3686-407D-80D3-BE7C8460FC17} IRP_MJ_DEVICE_CONTROL 81F4D2E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{E8B5E288-3686-407D-80D3-BE7C8460FC17} IRP_MJ_INTERNAL_DEVICE_CONTROL 81F4D2E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{E8B5E288-3686-407D-80D3-BE7C8460FC17} IRP_MJ_CLEANUP 81F4D2E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{E8B5E288-3686-407D-80D3-BE7C8460FC17} IRP_MJ_PNP 81F4D2E8
Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F4F6B880] vsdatant.sys
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 823E0708
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 823E0708
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 823E0708
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 823E0708
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 823E0708
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 823E0708
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 823E0708
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 823E0708
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 823E0708
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 823E0708
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 823E0708
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 823E0708
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 823E0708
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 823E0708
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 823E0708
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 823E0708
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 823E0708
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 823E0708
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 823E0708
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 823E0708
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 823E0708
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 823E0708
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 823E0708
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 823E0708
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 823E0708
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 823E0708
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 823E0708
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 823E0708
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 823E0708
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 823E0708
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 823E0708
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 823E0708
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 823E0708
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 823E0708
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 823E0708
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 823E0708
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 823E0708
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 823E0708
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 823E0708
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 823E0708
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 823E0708
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 823E0708
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 823E0708
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 823E0708
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F4F6B880] vsdatant.sys
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 823E09C0
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 823E09C0
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 82180528
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 82180528
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 82180528
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 82180528
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 82180528
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 82180528
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 82180528
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 82180528
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 82180528
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 82180528
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 82180528
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_NAMED_PIPE 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLOSE 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_READ 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_WRITE 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_INFORMATION 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_INFORMATION 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_EA 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_EA 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FLUSH_BUFFERS 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_VOLUME_INFORMATION 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_VOLUME_INFORMATION 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DIRECTORY_CONTROL 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FILE_SYSTEM_CONTROL 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CONTROL 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_INTERNAL_DEVICE_CONTROL 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SHUTDOWN 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_LOCK_CONTROL 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLEANUP 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_MAILSLOT 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_SECURITY 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_SECURITY 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_POWER 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SYSTEM_CONTROL 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CHANGE 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_QUOTA 81F816F0
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_QUOTA 81F816F0
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 82180528
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 82180528
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 82180528
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 82180528
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 82180528
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 82180528
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 82180528
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 82180528
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 82180528
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 82180528
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 82180528
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE 82180528
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLOSE 82180528
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_READ 82180528
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_WRITE 82180528
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FLUSH_BUFFERS 82180528
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CONTROL 82180528
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_INTERNAL_DEVICE_CONTROL 82180528
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SHUTDOWN 82180528
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_POWER 82180528
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SYSTEM_CONTROL 82180528
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP 82180528
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 81F4D2E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 81F4D2E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 81F4D2E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 81F4D2E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 81F4D2E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 81F4D2E8
Device \Driver\00000039 \Device\0000004b IRP_MJ_POWER [F844EA26] sptd.sys
Device \Driver\00000039 \Device\0000004b IRP_MJ_SYSTEM_CONTROL [F8462BD8] sptd.sys
Device \Driver\00000039 \Device\0000004b IRP_MJ_PNP [F845B54E] sptd.sys
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 81F4D2E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 81F4D2E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 81F4D2E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 81F4D2E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 81F4D2E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 81F4D2E8
Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F4F6B880] vsdatant.sys
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CREATE 82395E30
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CLOSE 82395E30
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_READ 82395E30
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_WRITE 82395E30
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_FLUSH_BUFFERS 82395E30
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_DEVICE_CONTROL 82395E30
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_INTERNAL_DEVICE_CONTROL 82395E30
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SHUTDOWN 82395E30
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_POWER 82395E30
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SYSTEM_CONTROL 82395E30
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_PNP 82395E30
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [F4F6B880] vsdatant.sys
Device \Driver\NetBT \Device\NetBT_Tcpip_{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F} IRP_MJ_CREATE 81F4D2E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F} IRP_MJ_CLOSE 81F4D2E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F} IRP_MJ_DEVICE_CONTROL 81F4D2E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F} IRP_MJ_INTERNAL_DEVICE_CONTROL 81F4D2E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F} IRP_MJ_CLEANUP 81F4D2E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F} IRP_MJ_PNP 81F4D2E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 81F142B8
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLOSE [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CONTROL [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL [F4F6B880] vsdatant.sys
Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLEANUP [F4F6B880] vsdatant.sys
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 81F142B8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 81F142B8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE 81F100E8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE_NAMED_PIPE 81F100E8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CLOSE 81F100E8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_READ 81F100E8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_WRITE 81F100E8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_INFORMATION 81F100E8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_SET_INFORMATION 81F100E8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_FLUSH_BUFFERS 81F100E8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_VOLUME_INFORMATION 81F100E8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_DIRECTORY_CONTROL 81F100E8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_FILE_SYSTEM_CONTROL 81F100E8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CLEANUP 81F100E8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_SECURITY 81F100E8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_SET_SECURITY 81F100E8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 823E09C0
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 823E09C0
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 823E09C0
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 823E09C0
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 823E09C0
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 823E09C0
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 823E09C0
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 823E09C0
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 823E09C0
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 823E09C0
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 823E09C0
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CREATE 81EF60E8
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CLOSE 81EF60E8
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_READ 81EF60E8
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_WRITE 81EF60E8
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_QUERY_INFORMATION 81EF60E8
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_SET_INFORMATION 81EF60E8
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_QUERY_VOLUME_INFORMATION 81EF60E8
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_DIRECTORY_CONTROL 81EF60E8
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_FILE_SYSTEM_CONTROL 81EF60E8
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CLEANUP 81EF60E8
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CREATE_MAILSLOT 81EF60E8
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_QUERY_SECURITY 81EF60E8
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_SET_SECURITY 81EF60E8
Device \Driver\viamraid \Device\Scsi\viamraid1 IRP_MJ_CREATE 823950E8
Device \Driver\viamraid \Device\Scsi\viamraid1 IRP_MJ_CLOSE 823950E8
Device \Driver\viamraid \Device\Scsi\viamraid1 IRP_MJ_DEVICE_CONTROL 823950E8
Device \Driver\viamraid \Device\Scsi\viamraid1 IRP_MJ_INTERNAL_DEVICE_CONTROL 823950E8
Device \Driver\viamraid \Device\Scsi\viamraid1 IRP_MJ_POWER 823950E8
Device \Driver\viamraid \Device\Scsi\viamraid1 IRP_MJ_SYSTEM_CONTROL 823950E8
Device \Driver\viamraid \Device\Scsi\viamraid1 IRP_MJ_PNP 823950E8
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CREATE 8206A510
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CLOSE 8206A510
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_DEVICE_CONTROL 8206A510
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8206A510
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_POWER 8206A510
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SYSTEM_CONTROL 8206A510
Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_PNP 8206A510
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_CREATE 8206A510
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_CLOSE 8206A510
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 8206A510
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8206A510
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_POWER 8206A510
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 8206A510
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_PNP 8206A510
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 81EFAD98
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 81EFAD98
Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 81EFAD98
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 81EFAD98
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 81EFAD98
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 81EFAD98
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 81EFAD98
Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 81EFAD98
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 81EFAD98
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 81EFAD98
Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 81EFAD98
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 81EFAD98
Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 81EFAD98

---- EOF - GMER 1.0.12 ----

offline
  • DEMIAN  Male
  • Legendarni građanin
  • IT Manager
  • Pridružio: 25 Mar 2005
  • Poruke: 3706
  • Gde živiš: The darkest place on earth..

Ok. To je to. Proverim ti ovo do večeras pa ti napišem tačno o čemu se radi..

offline
  • Pridružio: 27 Nov 2006
  • Poruke: 129
  • Gde živiš: Zrenjanin

Vazi se...Taman da odspavam partiju... Smile

offline
  • DEMIAN  Male
  • Legendarni građanin
  • IT Manager
  • Pridružio: 25 Mar 2005
  • Poruke: 3706
  • Gde živiš: The darkest place on earth..

Preuzmi program No Lop.

http://www.spywareedge.net/nolop/NoLop.exe

1.) Ugasi sve ostale programe koji su pokrenuti u "pozadini"
2.) Dupli klik na NoLop.exe
3.) Klikni na Search and Destroy
4.) Kada je skeniranje završeno, u slučaju da si zaražen, tražiće da restartuješ računar
4.) Klikni na REBOOT
Trebalo bi da se pojavi NoLop pop-up poruka, ako ne-ponovo dupli klik na NoLop.exe da bi čišćenje bilo završeno
Nakon toga, postuj nam sadržaj C:\NoLop.log i svež HijackThis log

Napomena: Ako se pojavi greška, da mscomctl.ocx ili neki od fajlova nisu tačno registrovani, downloaduj ovaj fajl u svoj system32 folder i onda pokreni program:

http://www.boletrice.com/downloads/mscomctl.ocx

Ko je trenutno na forumu
 

Ukupno su 1372 korisnika na forumu :: 26 registrovanih, 3 sakrivenih i 1343 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: aramis s, bestguarder, Bobrock1, cifra, Djokislav, FileFinder, GandorCC, Georgius, hyla, jackreacher011011, Koca Popovic, ladro, laki_bb, M1los, maCvele, Mi lao shu, Milometer, Oscar, Parker, stegonosa, vathra, Volkhov-M, vukdra, W123, zlaya011, zzapNDjuric99